about summary refs log tree commit diff
path: root/scripts/nix-profile-daemon.sh.in
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2018-11-15T12·07+0100
committerGitHub <noreply@github.com>2018-11-15T12·07+0100
commit32a0a223d589085ad43d77f4f36266a74e2822a8 (patch)
tree7336ee741a9369fe849c3dae7aeb948bbb0e432d /scripts/nix-profile-daemon.sh.in
parent9dc9b64aadadd9f3b8277fb942b00dad1a753fd3 (diff)
parentfb72104b80eb5747788ac32bcef9fc1db00d9825 (diff)
Merge pull request #2432 from luke-clifton/fixssl
SSL certificate search failed to find user profile certificates.
Diffstat (limited to 'scripts/nix-profile-daemon.sh.in')
-rw-r--r--scripts/nix-profile-daemon.sh.in11
1 files changed, 7 insertions, 4 deletions
diff --git a/scripts/nix-profile-daemon.sh.in b/scripts/nix-profile-daemon.sh.in
index 87d9fe5061a7..6940969cca7b 100644
--- a/scripts/nix-profile-daemon.sh.in
+++ b/scripts/nix-profile-daemon.sh.in
@@ -61,10 +61,13 @@ elif [ -e /etc/ssl/certs/ca-bundle.crt ]; then # Old NixOS
     export NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
 elif [ -e /etc/pki/tls/certs/ca-bundle.crt ]; then # Fedora, CentOS
     export NIX_SSL_CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt
-elif [ -e "$NIX_USER_PROFILE_DIR/etc/ssl/certs/ca-bundle.crt" ]; then # fall back to cacert in the user's Nix profile
-    export NIX_SSL_CERT_FILE=$NIX_USER_PROFILE_DIR/etc/ssl/certs/ca-bundle.crt
-elif [ -e "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt" ]; then # fall back to cacert in the default Nix profile
-    export NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt
+else
+  # Fall back to what is in the nix profiles, favouring whatever is defined last.
+  for i in $NIX_PROFILES; do
+    if [ -e $i/etc/ssl/certs/ca-bundle.crt ]; then
+      export NIX_SSL_CERT_FILE=$i/etc/ssl/certs/ca-bundle.crt
+    fi
+  done
 fi
 
 export NIX_PATH="nixpkgs=@localstatedir@/nix/profiles/per-user/root/channels/nixpkgs:@localstatedir@/nix/profiles/per-user/root/channels"